projects
/
citadel.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
7655043
)
* Bounds checking in CtdlDirectoryLookup()
author
Art Cancro
<ajc@citadel.org>
Fri, 12 Aug 2005 18:00:30 +0000
(18:00 +0000)
committer
Art Cancro
<ajc@citadel.org>
Fri, 12 Aug 2005 18:00:30 +0000
(18:00 +0000)
citadel/ChangeLog
patch
|
blob
|
history
citadel/internet_addressing.c
patch
|
blob
|
history
citadel/internet_addressing.h
patch
|
blob
|
history
citadel/msgbase.c
patch
|
blob
|
history
citadel/serv_vcard.c
patch
|
blob
|
history
diff --git
a/citadel/ChangeLog
b/citadel/ChangeLog
index d5d3967538b228d60b55ec96fb06bc503f33a1f7..2014bfc9a9022b738f2c20fbeafe54d6456bfce9 100644
(file)
--- a/
citadel/ChangeLog
+++ b/
citadel/ChangeLog
@@
-1,4
+1,7
@@
$Log$
$Log$
+Revision 654.15 2005/08/12 18:00:29 ajc
+* Bounds checking in CtdlDirectoryLookup()
+
Revision 654.14 2005/08/12 15:18:27 ajc
* updated the roadmap
Revision 654.14 2005/08/12 15:18:27 ajc
* updated the roadmap
@@
-7042,4
+7045,3
@@
Sat Jul 11 00:20:48 EDT 1998 Nathan Bryant <bryant@cs.usm.maine.edu>
Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
* Initial CVS import
Fri Jul 10 1998 Art Cancro <ajc@uncensored.citadel.org>
* Initial CVS import
-
diff --git
a/citadel/internet_addressing.c
b/citadel/internet_addressing.c
index f99c1b0756b115033e9dc03d47c1ea629aa18c68..9dbc5b875c99573c402656e4cdeb975e8ca628f4 100644
(file)
--- a/
citadel/internet_addressing.c
+++ b/
citadel/internet_addressing.c
@@
-610,12
+610,12
@@
void CtdlDirectoryDelUser(char *internet_addr, char *citadel_addr) {
* On success: returns 0, and Citadel address stored in 'target'
* On failure: returns nonzero
*/
* On success: returns 0, and Citadel address stored in 'target'
* On failure: returns nonzero
*/
-int CtdlDirectoryLookup(char *target, char *internet_addr) {
+int CtdlDirectoryLookup(char *target, char *internet_addr
, size_t targbuflen
) {
struct cdbdata *cdbrec;
char key[SIZ];
/* Dump it in there unchanged, just for kicks */
struct cdbdata *cdbrec;
char key[SIZ];
/* Dump it in there unchanged, just for kicks */
- s
trcpy(target, internet_addr
);
+ s
afestrncpy(target, internet_addr, targbuflen
);
/* Only do lookups for addresses with hostnames in them */
if (num_tokens(internet_addr, '@') != 2) return(-1);
/* Only do lookups for addresses with hostnames in them */
if (num_tokens(internet_addr, '@') != 2) return(-1);
@@
-626,7
+626,7
@@
int CtdlDirectoryLookup(char *target, char *internet_addr) {
directory_key(key, internet_addr);
cdbrec = cdb_fetch(CDB_DIRECTORY, key, strlen(key) );
if (cdbrec != NULL) {
directory_key(key, internet_addr);
cdbrec = cdb_fetch(CDB_DIRECTORY, key, strlen(key) );
if (cdbrec != NULL) {
- safestrncpy(target, cdbrec->ptr,
SIZ
);
+ safestrncpy(target, cdbrec->ptr,
targbuflen
);
cdb_free(cdbrec);
return(0);
}
cdb_free(cdbrec);
return(0);
}
diff --git
a/citadel/internet_addressing.h
b/citadel/internet_addressing.h
index c63ec94cc6d272fc515ea726e2592fca4eb82436..6e7b227cfa4de8ee29f93f77d97a4ddf9565d69b 100644
(file)
--- a/
citadel/internet_addressing.h
+++ b/
citadel/internet_addressing.h
@@
-21,7
+21,7
@@
int IsDirectory(char *addr);
void CtdlDirectoryInit(void);
void CtdlDirectoryAddUser(char *internet_addr, char *citadel_addr);
void CtdlDirectoryDelUser(char *internet_addr, char *citadel_addr);
void CtdlDirectoryInit(void);
void CtdlDirectoryAddUser(char *internet_addr, char *citadel_addr);
void CtdlDirectoryDelUser(char *internet_addr, char *citadel_addr);
-int CtdlDirectoryLookup(char *target, char *internet_addr);
+int CtdlDirectoryLookup(char *target, char *internet_addr
, size_t targbuflen
);
struct CtdlMessage *convert_internet_message(char *rfc822);
int CtdlHostAlias(char *fqdn);
struct CtdlMessage *convert_internet_message(char *rfc822);
int CtdlHostAlias(char *fqdn);
diff --git
a/citadel/msgbase.c
b/citadel/msgbase.c
index 941af80b4701ee72df29d73e42543e9cabf94feb..a5035ce27644915ec79a25e61efc2b63c945d477 100644
(file)
--- a/
citadel/msgbase.c
+++ b/
citadel/msgbase.c
@@
-174,7
+174,7
@@
int alias(char *name)
fclose(fp);
/* Hit the Global Address Book */
fclose(fp);
/* Hit the Global Address Book */
- if (CtdlDirectoryLookup(aaa, name) == 0) {
+ if (CtdlDirectoryLookup(aaa, name
, sizeof aaa
) == 0) {
strcpy(name, aaa);
}
strcpy(name, aaa);
}
diff --git
a/citadel/serv_vcard.c
b/citadel/serv_vcard.c
index 1365d07b3b44ecd352760a9ae14f42242a230ceb..0d18e893acb65a9f7d0065681e731d872395dcbd 100644
(file)
--- a/
citadel/serv_vcard.c
+++ b/
citadel/serv_vcard.c
@@
-128,7
+128,6
@@
void vcard_extract_internet_addresses(struct CtdlMessage *msg,
/*
* Callback for vcard_add_to_directory()
* (Lotsa ugly nested callbacks. Oh well.)
/*
* Callback for vcard_add_to_directory()
* (Lotsa ugly nested callbacks. Oh well.)
- * This little shim function makes sure we're not
*/
void vcard_directory_add_user(char *internet_addr, char *citadel_addr) {
char buf[SIZ];
*/
void vcard_directory_add_user(char *internet_addr, char *citadel_addr) {
char buf[SIZ];
@@
-139,7
+138,7
@@
void vcard_directory_add_user(char *internet_addr, char *citadel_addr) {
*/
if (CC->logged_in) {
lprintf(CTDL_DEBUG, "Checking for <%s>...\n", internet_addr);
*/
if (CC->logged_in) {
lprintf(CTDL_DEBUG, "Checking for <%s>...\n", internet_addr);
- if (CtdlDirectoryLookup(buf, internet_addr) == 0) {
+ if (CtdlDirectoryLookup(buf, internet_addr
, sizeof buf
) == 0) {
if (strcasecmp(buf, citadel_addr)) {
/* This address belongs to someone else.
* Bail out silently without saving.
if (strcasecmp(buf, citadel_addr)) {
/* This address belongs to someone else.
* Bail out silently without saving.
@@
-915,7
+914,7
@@
void cmd_qdir(char *argbuf) {
extract_token(internet_addr, argbuf, 0, '|', sizeof internet_addr);
extract_token(internet_addr, argbuf, 0, '|', sizeof internet_addr);
- if (CtdlDirectoryLookup(citadel_addr, internet_addr) != 0) {
+ if (CtdlDirectoryLookup(citadel_addr, internet_addr
, sizeof citadel_addr
) != 0) {
cprintf("%d %s was not found.\n",
ERROR + NO_SUCH_USER, internet_addr);
return;
cprintf("%d %s was not found.\n",
ERROR + NO_SUCH_USER, internet_addr);
return;